PINDROP BLOG

Month: January 2017

January 31, 2017
Your Brain Is Bad at Security
OAKLAND–Security teams are frustrated constantly by users who ignore warnings about phishing sites, bad certificates, or malware, and just click through to get wherever they were going. It turns out that behavior probably isn’t the users’ fault. It’s just human nature. There are many reasons why this behavior persists, even when users are told in no uncertain…
Read More →
January 31, 2017
Inside the Fight Against Bulletproof Hosting Providers
OAKLAND–For years, bulletproof hosting providers have been the bane of the Internet. They serve as havens for malware, cybercrime operations, and child exploitation rings, while dodging law enforcement by moving their operations early and often. But security researchers and cybercrime investigators are beginning to make some headway in the fight against these operators, through cooperation…
Read More →
January 31, 2017
‘We Need to Embrace the Mundane’ in Security
OAKLAND–The security industry as a whole is really good at identifying interesting new problems and coming up with fancy products to solve them. But there is still a long list of boring, known problems that no one has fixed yet, and those are the ones that need the most attention, experts say. One of those boring problems…
Read More →
January 30, 2017
Google Wants to Encrypt the Web. Now.
OAKLAND–The security engineers at Google have spent years working on improving the security and reliability of Chrome, and it’s had a remarkable effect. They’re not satisfied with just raising the security bar for one browser, though, and now are pushing the rest of the industry and the web community at large to get with the program.…
Read More →
January 30, 2017
On the Wire Podcast: Jeremiah Grossman
Jeremiah Grossman is one of the more well-respected and accomplished members of the security community and after more than a decade building WhiteHat Security, he recently joined SentinelOne as chief of security strategy. He’s been working on and thinking about the ransomware problem and trying to come up with answers for why it’s turned into…
Read More →
January 30, 2017
Facebook Unveils Delegated Recovery Account Security System
OAKLAND–Facebook has developed a new account-recovery system that eschews the typical communications channels used for this process, and instead relies on a user’s connections with other services. The scheme allows users to regain access to accounts without providing any identifiable information to other services. The Delegated Recovery system, which Facebook introduced at the Enigma conference here…
Read More →
January 27, 2017
Dridex Trojan Using New Method to Bypass Windows UAC
Researchers have found a new version of the old Dridex banking Trojan that is being used in a fresh campaign in the U.K. and employs a novel technique to bypass one of the key security safeguards in Windows. Dridex has been around for nearly three years and is descended from the GameOver Zeus Trojan, one…
Read More →
January 26, 2017
Chrome 56 Debuts With Insecure Page Warnings
Google has released a major update to its Chrome browser, which includes fixes for 51 vulnerabilities and marks the end of Flash and the beginning of warnings about pages that send sensitive information over plaintext connections. Chrome 56 has a number of security related upgrades, aside from the patches. The biggest change is that the…
Read More →
January 26, 2017
Executive Order Excludes Non-US Persons From Privacy Act Protections
Buried deep within the executive order on immigration policy that President Trump issued Wednesday is a section that significantly alters the way that the Privacy Act will be applied going forward. A small section of the executive order, which mostly focuses on changes to immigration policy and enforcement, lays out a change that will force…
Read More →
January 25, 2017
Lawmakers Push Bill to Study Vehicle Software Security
A new bill introduced in the House of Representatives Tuesday would force the federal government to perform a long-term study of the security and privacy controls of the software running in vehicles, including their navigation, entertainment and other systems. The bill is sponsored by Rep. Ted Lieu (D-Calif.) and Rep. Joe Wilson (R-S.C.), and it’s another…
Read More →
Webinar: TACKLING THE 113% FRAUD INCREASE IN CALL CENTERS